The first kernel vulnerability patched in Ubuntu 15.04 has been discovered by Benjamin Randazzo and it is related to an information leak in Linux kernel’s md (multiple devices) driver, which could allow a privileged, local attacker to retrieve sensitive information from the kernel.
The second security flaw was discovered by Marc-André Lureau in Linux kernel’s vhost driver, which did not correctly release the userspace stored log file descriptor, allowing privileged attackers to cause a DoS (Denial of Service) attack.
Canonical urges users of Ubuntu 15.04 to update their kernel packages as soon as possible. The update is now live in the distribution’s repositories, so all you have to do to update is run the Software Updater utility and apply all available updates. Don’t forget to reboot your machine once the update process finishes.
Submitted by: Arnfried Walbrecht